Information Systems Security Officer – ISSO
Company | True Zero Technologies |
---|---|
Location | Washington, DC, USA |
Salary | Not Provided |
Type | Full-Time |
Degrees | Bachelor’s |
Experience Level | Mid Level, Senior |
Requirements
- Experience with and knowledge of Federal DevSecOps frameworks and processes
- Experience with IS accreditors, policies, and procedures to support Authority to Operate (ATO)/Authority to Connect (ATC) decision making and operational practices.
- Experience with RMF, NIST SP 800-53, Security Technical Implementation Guides (STIGs), and/or Security Content Automation Protocol (SCAP) Compliance Checker
- Knowledge of and experience leading the A&A process
- Knowledge of IT security principles and methods (e.g., firewalls, demilitarized zones, encryption).
- Experience in preparing detailed SSPs to achieve ATO objectives.
- Knowledge of new and emerging IT and cybersecurity technologies
- BA or BS degree in Computer Science or a related discipline from an accredited college or university, and/or at least 4 years of experience in a related field
- Excellent communication skills, verbal and written, with ability to influence and collaborate with leadership, peers, and team members
- Approved to work in the United States
- Active clearance, or ability and willingness to submit for a clearance/BI process
Responsibilities
- Maintaining the overarching operational security posture and managing the day-to-day security operations of your assigned Information System (IS);
- Developing, reviewing, and maintaining security and authorization documentation to include System Security Plans (SSPs), Risk Assessment Reports, Certification and Accreditation (C&A) packages, and System Requirements Traceability Matrices (SRTMs);
- Performing vulnerability/risk assessment analyses to support assessment and authorization (A&A);
- Ensuring the implementation and maintenance of security controls in accordance with the SSP and the organization’s security policies, standards, and procedures;
- Supporting security authorization activities in compliance with National Institute of Standards and Technology Risk Management Framework (NIST RMF);
- Providing configuration management (CM) for IS security software, hardware, and firmware, and leading Change Control Board (CCB) meetings; and,
- Providing guidance and security expertise to program leadership.
Preferred Qualifications
No preferred qualifications provided.